• Amused
  • Angry
  • Annoyed
  • Awesome
  • Bemused
  • Cocky
  • Cool
  • Crazy
  • Crying
  • Down
  • Drunk
  • Embarrased
  • Enraged
  • Friendly
  • Geeky
  • Godly
  • Happy
  • Hateful
  • Hungry
  • Innocent
  • Meh
  • Piratey
  • Poorly
  • Sad
  • Secret
  • Shy
  • Sneaky
  • Tired
  • Wtf
  • At Work
  • CodenzHub
  • Coding
  • Deejaying
  • Donating
  • Drinking
  • Eating
  • Editing
  • Hacking
  • Hate Mailing
  • Jamin'
  • Lagging
  • Live Streaming
  • Lurking
  • No Status
  • Pawning
  • PC Gaming
  • PS Gaming
  • Raging
  • Reversing
  • Sleeping
  • Steam Gaming
  • Trolling
  • TwitchStreamer
  • Vodka!
  • Watching TV/Movie
  • Xbox Gaming
  • Youtuber
  • Zombies
  • Page 1 of 4 123 ... LastLast
    Results 1 to 10 of 33
    1. #1
      Jr.Coder
      <3 D3D
       
      Coding
       
      gnuzim's Avatar
      Join Date
      Nov 2012
      Posts
      67
      Thanks (-->)
      43
      Thanks (<--)
      28

      Rust VMT EndScene

      Silent VPN
      Hey guys, me again!
      Here is a complete VTable Hook...

      Its already hooking EndScene,

      If you guys want wallhack & chams just hook DrawIndexedPrimitive, use some model logger and enjoy

      Click image for larger version. 

Name:	rust.jpg 
Views:	40 
Size:	218.4 KB 
ID:	2475


      #include <d3d9.h>
      #include <d3dx9.h>
      #include <stdio.h>

      #pragma comment(lib, "d3d9")
      #pragma comment(lib, "d3dx9")

      //
      #define GREEN D3DCOLOR_ARGB(255, 000, 255, 000)
      //
      class CGame;
      class cVMT;
      class cD3D;

      class CGame
      {
      public:
      cVMT* pVMT; //0x0000

      };//Size=0x0004

      class cVMT
      {
      public:
      DWORD pD3D; //0x0000

      };//Size=0x0004

      const DWORD_PTR dwAddr = reinterpret_cast<DWORD_PTR>(GetModuleHandleA("rust.exe")) + 0x9ED740;
      CGame* pGame = (CGame*)dwAddr;

      typedef HRESULT(WINAPI* tEndScene)(LPDIRECT3DDEVICE9 pDevice);
      tEndScene pEndScene;

      LPD3DXFONT g_font;
      bool once;

      void DrawTest(LPDIRECT3DDEVICE9 pDevice)
      {
      if (!once)
      {
      D3DXCreateFont(pDevice, 16, 0, FW_BOLD, 0, 0, 1, 0, 0, 0 | FF_DONTCARE, TEXT("Arial"), &g_font);
      once = true;
      }

      RECT rFont{ 10, 10, 150, 150 };

      g_font->DrawTextA(NULL, "g4x hooking", -1, &rFont, DT_LEFT, GREEN);
      }

      DWORD WINAPI hkEndScene(LPDIRECT3DDEVICE9 pDevice)
      {
      _asm pushad;
      DrawTest(pDevice);
      _asm popad;
      return pEndScene(pDevice);
      }

      DWORD WINAPI nThread()
      {
      DWORD_PTR dwEndScene = NULL;

      while (pGame != NULL)
      {
      pEndScene = (HRESULT(WINAPI*)(LPDIRECT3DDEVICE9 pDevice)) *(DWORD_PTR*)(pGame->pVMT->pD3D + 0xA8);
      VirtualProtect((LPVOID)(pGame->pVMT->pD3D + 0xA8), sizeof(DWORD_PTR), PAGE_EXECUTE_READWRITE, &dwEndScene);
      while (TRUE)
      {
      *(DWORD_PTR*)(pGame->pVMT->pD3D + 0xA8) = (DWORD_PTR)hkEndScene;
      }
      VirtualProtect((LPVOID)(pGame->pVMT->pD3D + 0xA8), sizeof(DWORD_PTR), dwEndScene, &dwEndScene);
      }
      return 0;
      }

      BOOL WINAPI DllMain(HINSTANCE hinstDLL, DWORD fdwReason, LPVOID lpvReserved)
      {
      if (fdwReason == DLL_PROCESS_ATTACH)
      {
      CreateThread(0, 0, (LPTHREAD_START_ROUTINE)nThread, 0, 0, 0);
      }
      return TRUE;
      }
      Last edited by gnuzim; 02-11-2014 at 12:02 AM.

    2. Thanks GAFO666 thanked for this post
    3. #2
      Hacker
      Working, University, Coding ..
       
      Drinking
       
      GAFO666's Avatar
      Join Date
      Aug 2012
      Location
      if(PlayerBase << 16) return IdontKnow("yolo");
      Posts
      531
      Thanks (-->)
      33
      Thanks (<--)
      103
      seems nice but wherefrom you get '0x9ED740' and '0xA8' ? If thats is known, it should be possible and easier for the community to apply it to other games

      Leave a rep+ if I helped you with my answer
      Dont tell me to google something, first thing I do before asking is searching on my own.

    4. #3
      Jr.Coder
      <3 D3D
       
      Coding
       
      gnuzim's Avatar
      Join Date
      Nov 2012
      Posts
      67
      Thanks (-->)
      43
      Thanks (<--)
      28
      rust.exe+ 0x9ED740 is the address from our Rust vTable ...

      0xA8 is pointing to our EndScene..

      EndScene = Vtable[42]

      42 * 4 = 168
      168 HEX = A8

      Multiply by 4 on 32bits and 8 for 64!

      Last edited by gnuzim; 02-11-2014 at 10:48 AM.

    5. #4
      Hacker
      Working, University, Coding ..
       
      Drinking
       
      GAFO666's Avatar
      Join Date
      Aug 2012
      Location
      if(PlayerBase << 16) return IdontKnow("yolo");
      Posts
      531
      Thanks (-->)
      33
      Thanks (<--)
      103
      Quote Originally Posted by gnuzim View Post
      rust.exe+ 0x9ED740 is the address from our Rust vTable ...

      0xA8 is pointing to our EndScene..

      EndScene = Vtable[42]

      42 * 4 = 168
      168 HEX = A8

      Multiply by 4 on 32bits and 8 for 64!

      aaah well, anyways rep+ ( i know that its pointing on the vtble lol xD was asking how to get the vtable for d3d of a game )

      Leave a rep+ if I helped you with my answer
      Dont tell me to google something, first thing I do before asking is searching on my own.

    6. #5
      Jr.Coder
      <3 D3D
       
      Coding
       
      gnuzim's Avatar
      Join Date
      Nov 2012
      Posts
      67
      Thanks (-->)
      43
      Thanks (<--)
      28
      Ah, lol!
      Well, the way i do, i use D3D9_Test Environment to get my EndScene address!

      Go to my game, open CE
      Click on Memory View
      CTRL+G, search for your EndScene address

      8B FF mov edi, edi

      Breakpoint it...
      Copy EAX Address on the right

      now search for that HEX address

      you will get a few results, look for static addresses(Green)

      And that is your module+address

      Sometimes u'll get more then one...
      if you can't identify which one is right you should try them!

      Sorry for this crap tutorial, if you don't get it i'll make a better one!
      Last edited by gnuzim; 02-11-2014 at 11:03 AM.

    7. #6
      Hacker
      Working, University, Coding ..
       
      Drinking
       
      GAFO666's Avatar
      Join Date
      Aug 2012
      Location
      if(PlayerBase << 16) return IdontKnow("yolo");
      Posts
      531
      Thanks (-->)
      33
      Thanks (<--)
      103
      Quote Originally Posted by gnuzim View Post
      Ah, lol!
      Well, the way i do, i use D3D9_Test Environment to get my EndScene address!

      Go to my game, open CE
      Click on Memory View
      CTRL+G, search for your EndScene address

      8B FF mov edi, edi

      Breakpoint it...
      Copy EAX Address on the right

      now search for that HEX address

      you will get a few results, look for static addresses(Green)

      And that is your module+address

      Sometimes u'll get more then one...
      if you can't identify which one is right you should try them!

      Sorry for this crap tutorial, if you don't get it i'll make a better one!
      ooow its not that bad, but the eax on the right is just weird Oo
      so if i search for '00000001' there are over 245k adresses xD
      Rust VMT EndScene

      Leave a rep+ if I helped you with my answer
      Dont tell me to google something, first thing I do before asking is searching on my own.

    8. #7
      Jr.Coder
      <3 D3D
       
      Coding
       
      gnuzim's Avatar
      Join Date
      Nov 2012
      Posts
      67
      Thanks (-->)
      43
      Thanks (<--)
      28
      which game is that?

    9. #8
      Hacker
      Working, University, Coding ..
       
      Drinking
       
      GAFO666's Avatar
      Join Date
      Aug 2012
      Location
      if(PlayerBase << 16) return IdontKnow("yolo");
      Posts
      531
      Thanks (-->)
      33
      Thanks (<--)
      103
      Quote Originally Posted by gnuzim View Post
      which game is that?
      CSS , you made one for CSGO as well, so i thought it works in CSS also

      Leave a rep+ if I helped you with my answer
      Dont tell me to google something, first thing I do before asking is searching on my own.

    10. #9
      Jr.Coder
      <3 D3D
       
      Coding
       
      gnuzim's Avatar
      Join Date
      Nov 2012
      Posts
      67
      Thanks (-->)
      43
      Thanks (<--)
      28
      Its easy to get from CSS, are you using Windows 8?

    11. #10
      Hacker
      Working, University, Coding ..
       
      Drinking
       
      GAFO666's Avatar
      Join Date
      Aug 2012
      Location
      if(PlayerBase << 16) return IdontKnow("yolo");
      Posts
      531
      Thanks (-->)
      33
      Thanks (<--)
      103
      Silent VPN
      Quote Originally Posted by gnuzim View Post
      Its easy to get from CSS, are you using Windows 8?
      win7 64bit home premium

      Leave a rep+ if I helped you with my answer
      Dont tell me to google something, first thing I do before asking is searching on my own.

    Page 1 of 4 123 ... LastLast

    Similar Game Hacker Threads

    1. [Help] Help with rust hack!
      By lll in forum Other Game Hacks
      Replies: 8
      Last Post: 12-30-2015, 07:11 PM
    2. [Help] ENDSCENE Hooking
      By Ace0fSpades in forum GH Tutorials Help
      Replies: 3
      Last Post: 09-19-2015, 09:26 PM
    3. [Help] Rust cheats: how to?
      By user123 in forum Hacking Help
      Replies: 3
      Last Post: 10-26-2014, 12:45 PM
    4. [Help] Rust hack
      By Luciz in forum Hacking Help
      Replies: 11
      Last Post: 08-20-2014, 02:15 PM
    5. [Off Topic] Rust Hack
      By TastyHorror in forum Other Game Hacks
      Replies: 3
      Last Post: 10-27-2013, 12:21 AM

    Tags for this Thread